I was thinking about the idea of using Exchange "Native Data Protection" in place of databae backups. One part i can't get around is that a phyiscal database backup carried out by staff other than the Exchange admin ensures a degree of segmentation.
Scenario: Exchange admin snaps (or is vengeful) and decides to delete the databases. Today that is a major incident, but there are backups and we can recover in time. In the case of , as far as I can tell, that's it. The e-mail is gone. (CIO to follow)
Is there a mitigation here that I am not thinking of?